1
22
23 package com.liferay.portal.events;
24
25 import com.liferay.portal.kernel.events.Action;
26 import com.liferay.portal.kernel.events.ActionException;
27 import com.liferay.portal.kernel.log.Log;
28 import com.liferay.portal.kernel.log.LogFactoryUtil;
29 import com.liferay.portal.kernel.util.Http;
30 import com.liferay.portal.kernel.util.HttpUtil;
31 import com.liferay.portal.kernel.util.StringUtil;
32
33 import javax.servlet.http.HttpServletRequest;
34 import javax.servlet.http.HttpServletResponse;
35
36
47 public class SecureRequestAction extends Action {
48
49 public void run(HttpServletRequest request, HttpServletResponse response)
50 throws ActionException {
51
52 try {
53 if (request.isSecure()) {
54 return;
55 }
56
57 if (!isRequiresSecure(request)) {
58 return;
59 }
60
61 if (response.isCommitted()) {
62 return;
63 }
64
65 String redirect = getRedirect(request);
66
67 if (_log.isDebugEnabled()) {
68 _log.debug("Redirect " + redirect);
69 }
70
71 if (redirect != null) {
72 response.sendRedirect(redirect);
73 }
74 }
75 catch (Exception e) {
76 throw new ActionException(e);
77 }
78 }
79
80 protected String getRedirect(HttpServletRequest request) {
81 String unsecureCompleteURL = HttpUtil.getCompleteURL(request);
82
83 if (_log.isDebugEnabled()) {
84 _log.debug("Unsecure URL " + unsecureCompleteURL);
85 }
86
87 String secureCompleteURL = StringUtil.replaceFirst(
88 unsecureCompleteURL, Http.HTTP_WITH_SLASH, Http.HTTPS_WITH_SLASH);
89
90 if (_log.isDebugEnabled()) {
91 _log.debug("Secure URL " + secureCompleteURL);
92 }
93
94 if (unsecureCompleteURL.equals(secureCompleteURL)) {
95 return null;
96 }
97 else {
98 return secureCompleteURL;
99 }
100 }
101
102 protected boolean isRequiresSecure(HttpServletRequest request) {
103 return _REQUIRES_SECURE;
104 }
105
106 private static final boolean _REQUIRES_SECURE = true;
107
108 private static Log _log = LogFactoryUtil.getLog(SecureRequestAction.class);
109
110 }